Executive Summary
Summary | |
---|---|
Title | Adobe Flash ActionScript 3 BitmapData memory corruption vulnerability |
Informations | |||
---|---|---|---|
Name | VU#918568 | First vendor Publication | 2015-07-12 |
Vendor | VU-CERT | Last vendor Modification | 2015-07-14 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#918568Adobe Flash ActionScript 3 BitmapData memory corruption vulnerabilityOverviewAdobe Flash Player contains a vulnerability in the ActionScript 3 BitmapData object, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThis vulnerability was reported by TrendMicro, based on the HackingTeam leak. This document was written by Will Dormann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/918568 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 2 | |
Os | 2 | |
Os | 1 | |
Os | 2 | |
Os | 3 | |
Os | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35466 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35465 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35464 - Revision : 2 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35463 - Revision : 2 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35220 - Revision : 3 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35219 - Revision : 3 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35218 - Revision : 2 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35217 - Revision : 2 - Type : FILE-FLASH |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-09-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201508-01.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-496.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1255-1.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1258-1.nasl - Type : ACT_GATHER_INFO |
2015-07-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-1235.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : smb_kb3079777.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : flash_player_apsb15-18.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Windows host contains a web browser that is affected by multiple r... File : google_chrome_43_0_2357_134.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Mac OS X host has a browser plugin installed that is affected by m... File : macosx_flash_player_apsb15-18.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_43_0_2357_134.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-07-18 13:29:52 |
|
2015-07-16 09:34:47 |
|
2015-07-14 21:30:46 |
|
2015-07-14 17:29:51 |
|
2015-07-14 17:25:16 |
|
2015-07-13 17:24:52 |
|
2015-07-13 05:27:05 |
|